name: CI

on: workflow_dispatch

# on:
#   push:
#     branches:
#       - main
#       - release/*
#   pull_request:
#     branches:
#       - main
#       - release/*

jobs:
  windows:
    name: Windows
    runs-on: windows-2022
    timeout-minutes: 60
    env:
      CHILD_CONCURRENCY: "1"
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version-file: .nvmrc

      - uses: actions/setup-python@v5
        with:
          python-version: "2.x"

      - name: Compute node modules cache key
        id: nodeModulesCacheKey
        run: echo "value=$(node build/azure-pipelines/common/computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT
      - name: Cache node_modules archive
        id: cacheNodeModules
        uses: actions/cache@v4
        with:
          path: ".build/node_modules_cache"
          key: "${{ runner.os }}-cacheNodeModulesArchive-${{ steps.nodeModulesCacheKey.outputs.value }}"
      - name: Extract node_modules archive
        if: ${{ steps.cacheNodeModules.outputs.cache-hit == 'true' }}
        run: 7z.exe x .build/node_modules_cache/cache.7z -aos
      - name: Get yarn cache directory path
        id: yarnCacheDirPath
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
      - name: Cache yarn directory
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        uses: actions/cache@v4
        with:
          path: ${{ steps.yarnCacheDirPath.outputs.dir }}
          key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }}
          restore-keys: ${{ runner.os }}-yarnCacheDir-
      - name: Execute yarn
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        env:
          PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
          ELECTRON_SKIP_BINARY_DOWNLOAD: 1
        run: yarn --frozen-lockfile --network-timeout 180000
      - name: Create node_modules archive
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        run: |
          mkdir -Force .build
          node build/azure-pipelines/common/listNodeModules.js .build/node_modules_list.txt
          mkdir -Force .build/node_modules_cache
          7z.exe a .build/node_modules_cache/cache.7z -mx3 `@.build/node_modules_list.txt

      - name: Compile and Download
        run: yarn npm-run-all --max-old-space-size=4095 -lp compile "electron x64" playwright-install download-builtin-extensions

      - name: Compile Integration Tests
        run: yarn --cwd test/integration/browser compile

      - name: Run Unit Tests (Electron)
        run: .\scripts\test.bat

      - name: Run Unit Tests (node.js)
        run: yarn test-node

      - name: Run Unit Tests (Browser, Chromium)
        run: yarn test-browser-no-install --browser chromium

      - name: Run Integration Tests (Electron)
        run: .\scripts\test-integration.bat

      - name: Run Integration Tests (Browser, Firefox)
        timeout-minutes: 20
        run: .\scripts\test-web-integration.bat --browser firefox

      - name: Run Integration Tests (Remote)
        timeout-minutes: 20
        run: .\scripts\test-remote-integration.bat

  linux:
    name: Linux
    runs-on: ubuntu-latest
    timeout-minutes: 40
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - uses: actions/checkout@v4

      # TODO: rename azure-pipelines/linux/xvfb.init to github-actions
      - name: Setup Build Environment
        run: |
          sudo apt-get update
          sudo apt-get install -y libxkbfile-dev pkg-config libkrb5-dev libxss1 dbus xvfb libgtk-3-0 libgbm1
          sudo cp build/azure-pipelines/linux/xvfb.init /etc/init.d/xvfb
          sudo chmod +x /etc/init.d/xvfb
          sudo update-rc.d xvfb defaults
          sudo service xvfb start

      - uses: actions/setup-node@v4
        with:
          node-version-file: .nvmrc

      - name: Compute node modules cache key
        id: nodeModulesCacheKey
        run: echo "value=$(node build/azure-pipelines/common/computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT
      - name: Cache node modules
        id: cacheNodeModules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: ${{ runner.os }}-cacheNodeModulesLinux-${{ steps.nodeModulesCacheKey.outputs.value }}
      - name: Get yarn cache directory path
        id: yarnCacheDirPath
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
      - name: Cache yarn directory
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        uses: actions/cache@v4
        with:
          path: ${{ steps.yarnCacheDirPath.outputs.dir }}
          key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }}
          restore-keys: ${{ runner.os }}-yarnCacheDir-
      - name: Execute yarn
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        env:
          PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
          ELECTRON_SKIP_BINARY_DOWNLOAD: 1
        run: yarn --frozen-lockfile --network-timeout 180000

      - name: Compile and Download
        run: yarn npm-run-all --max-old-space-size=4095 -lp compile "electron x64" playwright-install download-builtin-extensions

      - name: Compile Integration Tests
        run: yarn --cwd test/integration/browser compile

      - name: Run Unit Tests (Electron)
        id: electron-unit-tests
        run: DISPLAY=:10 ./scripts/test.sh

      - name: Run Unit Tests (node.js)
        id: nodejs-unit-tests
        run: yarn test-node

      - name: Run Unit Tests (Browser, Chromium)
        id: browser-unit-tests
        run: DISPLAY=:10 yarn test-browser-no-install --browser chromium

      - name: Run Integration Tests (Electron)
        id: electron-integration-tests
        run: DISPLAY=:10 ./scripts/test-integration.sh

      - name: Run Integration Tests (Browser, Chromium)
        id: browser-integration-tests
        run: DISPLAY=:10 ./scripts/test-web-integration.sh --browser chromium

      - name: Run Integration Tests (Remote)
        id: electron-remote-integration-tests
        timeout-minutes: 15
        run: DISPLAY=:10 ./scripts/test-remote-integration.sh

  darwin:
    name: macOS
    runs-on: macos-latest
    timeout-minutes: 40
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version-file: .nvmrc

      - name: Compute node modules cache key
        id: nodeModulesCacheKey
        run: echo "value=$(node build/azure-pipelines/common/computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT
      - name: Cache node modules
        id: cacheNodeModules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: ${{ runner.os }}-cacheNodeModulesMacOS-${{ steps.nodeModulesCacheKey.outputs.value }}
      - name: Get yarn cache directory path
        id: yarnCacheDirPath
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
      - name: Cache yarn directory
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        uses: actions/cache@v4
        with:
          path: ${{ steps.yarnCacheDirPath.outputs.dir }}
          key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }}
          restore-keys: ${{ runner.os }}-yarnCacheDir-
      - name: Execute yarn
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        env:
          PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
          ELECTRON_SKIP_BINARY_DOWNLOAD: 1
        run: yarn --frozen-lockfile --network-timeout 180000

      - name: Compile and Download
        run: yarn npm-run-all --max-old-space-size=4095 -lp compile "electron x64" playwright-install download-builtin-extensions

      - name: Compile Integration Tests
        run: yarn --cwd test/integration/browser compile

      # This is required for SecretStorage unittests
      - name: Create temporary keychain
        run: |
          security create-keychain -p pwd $RUNNER_TEMP/buildagent.keychain
          security default-keychain -s $RUNNER_TEMP/buildagent.keychain
          security unlock-keychain -p pwd $RUNNER_TEMP/buildagent.keychain

      - name: Run Unit Tests (Electron)
        run: DISPLAY=:10 ./scripts/test.sh

      - name: Run Unit Tests (node.js)
        run: yarn test-node

      - name: Run Unit Tests (Browser, Chromium)
        run: DISPLAY=:10 yarn test-browser-no-install --browser chromium

      - name: Run Integration Tests (Electron)
        run: DISPLAY=:10 ./scripts/test-integration.sh

      - name: Run Integration Tests (Browser, Webkit)
        run: DISPLAY=:10 ./scripts/test-web-integration.sh --browser webkit

      - name: Run Integration Tests (Remote)
        timeout-minutes: 15
        run: DISPLAY=:10 ./scripts/test-remote-integration.sh

  hygiene:
    name: Hygiene and Layering
    runs-on: ubuntu-latest
    timeout-minutes: 40
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version-file: .nvmrc

      - name: Compute node modules cache key
        id: nodeModulesCacheKey
        run: echo "value=$(node build/azure-pipelines/common/computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT
      - name: Cache node modules
        id: cacheNodeModules
        uses: actions/cache@v4
        with:
          path: "**/node_modules"
          key: ${{ runner.os }}-cacheNodeModulesLinux-${{ steps.nodeModulesCacheKey.outputs.value }}
      - name: Get yarn cache directory path
        id: yarnCacheDirPath
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
      - name: Cache yarn directory
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        uses: actions/cache@v4
        with:
          path: ${{ steps.yarnCacheDirPath.outputs.dir }}
          key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }}
          restore-keys: ${{ runner.os }}-yarnCacheDir-
      - name: Execute yarn
        if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }}
        env:
          PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
          ELECTRON_SKIP_BINARY_DOWNLOAD: 1
        run: yarn --frozen-lockfile --network-timeout 180000

      - name: Download Playwright
        run: yarn playwright-install

      - name: Run Hygiene Checks
        run: yarn gulp hygiene

      - name: Run Valid Layers Checks
        run: yarn valid-layers-check

      - name: Compile /build/
        run: yarn --cwd build compile

      - name: Check clean git state
        run: ./.github/workflows/check-clean-git-state.sh

      - name: Run eslint
        run: yarn eslint

      - name: Run vscode-dts Compile Checks
        run: yarn vscode-dts-compile-check

      - name: Run Trusted Types Checks
        run: yarn tsec-compile-check
